From 32a720030508dbd818babe4440509e9933ce811f Mon Sep 17 00:00:00 2001
From: Firstyear
Date: Mon, 19 Jun 2023 15:02:09 +1000
Subject: [PATCH] Fix block_on in ssh authorised keys (#1752)
---
platform/opensuse/kanidm-unixd-tasks.service | 1 -
platform/opensuse/kanidm-unixd.service | 1 -
platform/opensuse/kanidmd.service | 1 -
unix_integration/src/client.rs | 3 +++
unix_integration/src/daemon.rs | 5 +++--
unix_integration/src/ssh_authorizedkeys.rs | 3 +--
6 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/platform/opensuse/kanidm-unixd-tasks.service b/platform/opensuse/kanidm-unixd-tasks.service
index 17b2ff865..9bbe8078a 100644
--- a/platform/opensuse/kanidm-unixd-tasks.service
+++ b/platform/opensuse/kanidm-unixd-tasks.service
@@ -11,7 +11,6 @@ After=chronyd.service ntpd.service network-online.target kanidm-unixd.service User=root Type=simple ExecStart=/usr/sbin/kanidm_unixd_tasks -KillSignal=SIGINT CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH # SystemCallFilter=@aio @basic-io @chown @file-system @io-event @network-io @sync
diff --git a/platform/opensuse/kanidm-unixd.service b/platform/opensuse/kanidm-unixd.service
index 187a0abe2..33ae50fea 100644
--- a/platform/opensuse/kanidm-unixd.service
+++ b/platform/opensuse/kanidm-unixd.service
@@ -14,7 +14,6 @@ RuntimeDirectory=kanidm-unixd Type=simple ExecStart=/usr/sbin/kanidm_unixd -KillSignal=SIGINT # Implied by dynamic user. # ProtectHome=
diff --git a/platform/opensuse/kanidmd.service b/platform/opensuse/kanidmd.service
index 471e081f0..9bc7089b9 100644
--- a/platform/opensuse/kanidmd.service
+++ b/platform/opensuse/kanidmd.service
@@ -13,7 +13,6 @@ DynamicUser=yes UMask=0027 StateDirectory=kanidm ExecStart=/usr/sbin/kanidmd server -c /etc/kanidm/server.toml -KillSignal=SIGINT NoNewPrivileges=true PrivateTmp=true
diff --git a/unix_integration/src/client.rs b/unix_integration/src/client.rs
index a9784221a..37d51179e 100644
--- a/unix_integration/src/client.rs
+++ b/unix_integration/src/client.rs
@@ -50,12 +50,15 @@ impl ClientCodec { /// Makes a call to kanidm_unixd via a unix socket at `path` pub async fn call_daemon(path: &str, req: ClientRequest) -> Result> { + trace!(?path, ?req); let stream = UnixStream::connect(path).await?; + trace!("connected"); let mut reqs = Framed::new(stream, ClientCodec::new()); reqs.send(req).await?; reqs.flush().await?; + trace!("flushed, waiting ..."); match reqs.next().await { Some(Ok(res)) => {
diff --git a/unix_integration/src/daemon.rs b/unix_integration/src/daemon.rs
index 5c93d9b5c..5affd3b93 100644
--- a/unix_integration/src/daemon.rs
+++ b/unix_integration/src/daemon.rs
@@ -58,6 +58,7 @@ impl Decoder for ClientCodec { type Item = ClientRequest; fn decode(&mut self, src: &mut BytesMut) -> Result, Self::Error> { + trace!("Attempting to decode request ..."); match serde_json::from_slice::(src) { Ok(msg) => { // Clear the buffer for the next message.
@@ -73,7 +74,7 @@ impl Encoder for ClientCodec { type Error = io::Error; fn encode(&mut self, msg: ClientResponse, dst: &mut BytesMut) -> Result<(), Self::Error> { - debug!("Attempting to send response -> {:?} ...", msg); + trace!("Attempting to send response -> {:?} ...", msg); let data = serde_json::to_vec(&msg).map_err(|e| { error!("socket encoding error -> {:?}", e); io::Error::new(io::ErrorKind::Other, "JSON encode error")
@@ -194,9 +195,9 @@ async fn handle_client( task_channel_tx: &Sender, ) -> Result<(), Box> { debug!("Accepted connection"); - let mut reqs = Framed::new(sock, ClientCodec::new()); + trace!("Waiting for requests ..."); while let Some(Ok(req)) = reqs.next().await { let resp = match req { ClientRequest::SshKey(account_id) => {
diff --git a/unix_integration/src/ssh_authorizedkeys.rs b/unix_integration/src/ssh_authorizedkeys.rs
index cb5f01ceb..adf427e07 100644
--- a/unix_integration/src/ssh_authorizedkeys.rs
+++ b/unix_integration/src/ssh_authorizedkeys.rs
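Review bot: The added `trace!(?path, ?req);` at the top of `call_daemon` (unix_integration/src/client.rs) formats the entire `ClientRequest` with `Debug`, so any secret a request variant carries would land in the trace log. Only `ClientRequest::SshKey(account_id)` is visible in this patch, so whether such a variant exists needs checking against the enum definition. If one does, log the path and the request kind only, for example `trace!(?path, "sending request");`, or give `ClientRequest` a `Debug` impl that redacts credential fields. The `{:?}` of `msg` in `ClientCodec::encode` (daemon.rs, hunk at -73,7) has the same shape on the response side, although this commit already lowers it from debug to trace. `call_daemon` continues past the end of the hunk.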
@@ -17,7 +17,6 @@ use std::path::PathBuf; use std::process::ExitCode; use clap::Parser; -use futures::executor::block_on; use kanidm_unix_common::client::call_daemon; use kanidm_unix_common::constants::DEFAULT_CONFIG_PATH; use kanidm_unix_common::unix_config::KanidmUnixdConfig;
@@ -66,7 +65,7 @@ async fn main() -> ExitCode { } let req = ClientRequest::SshKey(opt.account_id); - match block_on(call_daemon(cfg.sock_path.as_str(), req)) { + match call_daemon(cfg.sock_path.as_str(), req).await { Ok(r) => match r { ClientResponse::SshKeys(sk) => sk.iter().for_each(|k| { println!("{}", k);
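Review bot: The awaited `call_daemon(cfg.sock_path.as_str(), req).await` in `main` (unix_integration/src/ssh_authorizedkeys.rs, hunk at -66,7) has no time limit, and the client.rs hunk in this patch shows `call_daemon` finishing on a bare `reqs.next().await`. A daemon that accepts the connection but never replies would therefore leave this helper, and presumably the SSH login that invoked it, waiting indefinitely. Bounding the call, e.g. `tokio::time::timeout(LIMIT, call_daemon(cfg.sock_path.as_str(), req)).await` with `LIMIT` standing in for a configured duration and the elapsed case handled as a failure that prints no keys, would close that; this assumes the runtime behind `async fn main` is tokio, which the hunk does not show. A short comment such as `// await directly: block_on inside the async main was the bug fixed in #1752` would also keep the old call from being reintroduced. `main` starts and ends outside the hunk.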